[Joomla-commits] r22952 - in development/releases/1.5: . administrator/includes includes libraries/joomla libraries/joomla/crypt libraries/joomla/user

[dexter...@jcode001.directrouter.com]

Author: dextercowley
Date: 2012-03-26 19:40:16 -0500 (Mon, 26 Mar 2012)
New Revision: 22952

Added:
development/releases/1.5/libraries/joomla/crypt/
development/releases/1.5/libraries/joomla/crypt/crypt.php
development/releases/1.5/libraries/joomla/crypt/index.html
Modified:
development/releases/1.5/CHANGELOG.php
development/releases/1.5/administrator/includes/framework.php
development/releases/1.5/administrator/includes/helper.php
development/releases/1.5/includes/framework.php
development/releases/1.5/libraries/joomla/user/helper.php
development/releases/1.5/libraries/joomla/version.php
Log:
Prepare for 1.5.26 release

Modified: development/releases/1.5/CHANGELOG.php
===================================================================
--- development/releases/1.5/CHANGELOG.php 2012-03-26 07:56:20 UTC (rev 22951)
+++ development/releases/1.5/CHANGELOG.php 2012-03-27 00:40:16 UTC (rev 22952)
@@ -2,7 +2,7 @@
/**
* @version $Id$
* @package Joomla
-* @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
+* @copyright Copyright (C) 2005 - 2012 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
@@ -36,13 +36,15 @@
- -> Removed
! -> Note

+-------------------- 1.5.26 Stable Release [27-March-2012] ------------------
+
-------------------- 1.5.25 Stable Release [14-November-2011] ------------------

-------------------- 1.5.24 Stable Release [17-October-2011] ------------------

30-Sept-2011 Jean-Marie Simonet
+$ Adding ka-GE installation language
-
+
19-Apri-2011 Andrew Eddie
# Fixed [#21622] 303 redirections cause page subresources to be reloaded on WebKit browsers (Nicholas Dionysopoulos).

Modified: development/releases/1.5/administrator/includes/framework.php
===================================================================
--- development/releases/1.5/administrator/includes/framework.php 2012-03-26 07:56:20 UTC (rev 22951)
+++ development/releases/1.5/administrator/includes/framework.php 2012-03-27 00:40:16 UTC (rev 22952)
@@ -2,7 +2,7 @@
/**
* @version $Id$
* @package Joomla
-* @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
+* @copyright Copyright (C) 2005 - 2012 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
@@ -24,7 +24,7 @@
/*
* Installation check, and check on removal of the install directory.
*/
-if (!file_exists( JPATH_CONFIGURATION . DS . 'configuration.php' ) || (filesize( JPATH_CONFIGURATION . DS . 'configuration.php' ) < 10) /*|| file_exists( JPATH_INSTALLATION . DS . 'index.php' )*/) {
+if (!file_exists( JPATH_CONFIGURATION . DS . 'configuration.php' ) || (filesize( JPATH_CONFIGURATION . DS . 'configuration.php' ) < 10) || file_exists( JPATH_INSTALLATION . DS . 'index.php' )) {
header( 'Location: ../installation/index.php' );
exit();
}

Modified: development/releases/1.5/administrator/includes/helper.php
===================================================================
--- development/releases/1.5/administrator/includes/helper.php 2012-03-26 07:56:20 UTC (rev 22951)
+++ development/releases/1.5/administrator/includes/helper.php 2012-03-27 00:40:16 UTC (rev 22952)
@@ -2,7 +2,7 @@
/**
* @version $Id$
* @package Joomla
-* @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
+* @copyright Copyright (C) 2005 - 2012 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
@@ -36,7 +36,7 @@
$option = strtolower(JRequest::getCmd('option'));

$user =& JFactory::getUser();
- if ($user->get('guest')) {
+ if (!$user->authorize('login', 'administrator')) {
$option = 'com_login';
}

Modified: development/releases/1.5/includes/framework.php
===================================================================
--- development/releases/1.5/includes/framework.php 2012-03-26 07:56:20 UTC (rev 22951)
+++ development/releases/1.5/includes/framework.php 2012-03-27 00:40:16 UTC (rev 22952)
@@ -2,7 +2,7 @@
/**
* @version $Id$
* @package Joomla
-* @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
+* @copyright Copyright (C) 2005 - 2012 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
@@ -24,7 +24,7 @@
/*
* Installation check, and check on removal of the install directory.
*/
-if (!file_exists( JPATH_CONFIGURATION . DS . 'configuration.php' ) || (filesize( JPATH_CONFIGURATION . DS . 'configuration.php' ) < 10) /*|| file_exists( JPATH_INSTALLATION . DS . 'index.php' )*/) {
+if (!file_exists( JPATH_CONFIGURATION . DS . 'configuration.php' ) || (filesize( JPATH_CONFIGURATION . DS . 'configuration.php' ) < 10) || file_exists( JPATH_INSTALLATION . DS . 'index.php' )) {
if( file_exists( JPATH_INSTALLATION . DS . 'index.php' ) ) {
header( 'Location: installation/index.php' );
exit();

Added: development/releases/1.5/libraries/joomla/crypt/crypt.php
===================================================================
--- development/releases/1.5/libraries/joomla/crypt/crypt.php (rev 0)
+++ development/releases/1.5/libraries/joomla/crypt/crypt.php 2012-03-27 00:40:16 UTC (rev 22952)
@@ -0,0 +1,153 @@
+<?php
+/**
+ * @version $Id$
+ * @package Joomla.Platform
+ * @subpackage Crypt
+ *
+ * @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
+ * @license GNU General Public License version 2 or later; see LICENSE
+ */
+
+defined('JPATH_BASE') or die();
+
+/**
+ * JCrypt is a Joomla Platform class for handling basic encryption/decryption of data.
+ *
+ * @package Joomla.Platform
+ * @subpackage Crypt
+ * @since 12.1
+ */
+class JCrypt
+{
+ /**
+ * Generate random bytes.
+ *
+ * @param integer $length Length of the random data to generate
+ *
+ * @return string Random binary data
+ *
+ * @since 12.1
+ * @note This method requires PHP 5
+ */
+ function genRandomBytes($length = 16)
+ {
+ $sslStr = '';
+ /*
+ * if a secure randomness generator exists and we don't
+ * have a buggy PHP version use it.
+ */
+ if (
+ function_exists('openssl_random_pseudo_bytes')
+ && (version_compare(PHP_VERSION, '5.3.4') >= 0
+ || substr(PHP_OS, 0, 3) !== 'WIN'
+ )
+ )
+ {
+ $sslStr = openssl_random_pseudo_bytes($length, $strong);
+ if ($strong)
+ {
+ return $sslStr;
+ }
+ }
+
+ /*
+ * Collect any entropy available in the system along with a number
+ * of time measurements of operating system randomness.
+ */
+ $bitsPerRound = 2;
+ $maxTimeMicro = 400;
+ $shaHashLength = 20;
+ $randomStr = '';
+ $total = $length;
+
+ // Check if we can use /dev/urandom.
+ $urandom = false;
+ $handle = null;
+ if (function_exists('stream_set_read_buffer') && @is_readable('/dev/urandom'))
+ {
+ $handle = @fopen('/dev/urandom', 'rb');
+ if ($handle)
+ {
+ $urandom = true;
+ }
+ }
+
+ while ($length > strlen($randomStr))
+ {
+ $bytes = ($total > $shaHashLength)? $shaHashLength : $total;
+ $total -= $bytes;
+ /*
+ * Collect any entropy available from the PHP system and filesystem.
+ * If we have ssl data that isn't strong, we use it once.
+ */
+ $entropy = rand() . uniqid(mt_rand(), true) . $sslStr;
+ $entropy .= implode('', @fstat(fopen( __FILE__, 'r')));
+ $entropy .= memory_get_usage();
+ $sslStr = '';
+ if ($urandom)
+ {
+ stream_set_read_buffer($handle, 0);
+ $entropy .= @fread($handle, $bytes);
+ }
+ else
+ {
+ /*
+ * There is no external source of entropy so we repeat calls
+ * to mt_rand until we are assured there's real randomness in
+ * the result.
+ *
+ * Measure the time that the operations will take on average.
+ */
+ $samples = 3;
+ $duration = 0;
+ for ($pass = 0; $pass < $samples; ++$pass)
+ {
+ $microStart = microtime(true) * 1000000;
+ $hash = sha1(mt_rand(), true);
+ for ($count = 0; $count < 50; ++$count)
+ {
+ $hash = sha1($hash, true);
+ }
+ $microEnd = microtime(true) * 1000000;
+ $entropy .= $microStart . $microEnd;
+ if ($microStart > $microEnd) {
+ $microEnd += 1000000;
+ }
+ $duration += $microEnd - $microStart;
+ }
+ $duration = $duration / $samples;
+
+ /*
+ * Based on the average time, determine the total rounds so that
+ * the total running time is bounded to a reasonable number.
+ */
+ $rounds = (int)(($maxTimeMicro / $duration) * 50);
+
+ /*
+ * Take additional measurements. On average we can expect
+ * at least $bitsPerRound bits of entropy from each measurement.
+ */
+ $iter = $bytes * (int) ceil(8 / $bitsPerRound);
+ for ($pass = 0; $pass < $iter; ++$pass)
+ {
+ $microStart = microtime(true);
+ $hash = sha1(mt_rand(), true);
+ for ($count = 0; $count < $rounds; ++$count)
+ {
+ $hash = sha1($hash, true);
+ }
+ $entropy .= $microStart . microtime(true);
+ }
+ }
+
+ $randomStr .= sha1($entropy, true);
+ }
+
+ if ($urandom)
+ {
+ @fclose($handle);
+ }
+
+ return substr($randomStr, 0, $length);
+ }
+}

Property changes on: development/releases/1.5/libraries/joomla/crypt/crypt.php
___________________________________________________________________
Added: svn:keywords
+ Id
Added: svn:eol-style
+ LF

Added: development/releases/1.5/libraries/joomla/crypt/index.html
===================================================================
--- development/releases/1.5/libraries/joomla/crypt/index.html (rev 0)
+++ development/releases/1.5/libraries/joomla/crypt/index.html 2012-03-27 00:40:16 UTC (rev 22952)
@@ -0,0 +1 @@
+<!DOCTYPE html><title></title>

Property changes on: development/releases/1.5/libraries/joomla/crypt/index.html
___________________________________________________________________
Added: svn:eol-style
+ LF

Modified: development/releases/1.5/libraries/joomla/user/helper.php
===================================================================
--- development/releases/1.5/libraries/joomla/user/helper.php 2012-03-26 07:56:20 UTC (rev 22951)
+++ development/releases/1.5/libraries/joomla/user/helper.php 2012-03-27 00:40:16 UTC (rev 22952)
@@ -3,7 +3,7 @@
* @version $Id:helper.php 6961 2007-03-15 16:06:53Z tcp $
* @package Joomla.Framework
* @subpackage User
-* @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
+* @copyright Copyright (C) 2005 - 2012 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
@@ -272,14 +272,16 @@
}

/**
- * Generate a random password
+ * Generate a random password on PHP4
+ * The password is not truely random, but the best we can do for PHP4.
+ * To get a stronger random number, use PHP5.
*
* @static
* @param int $length Length of the password to generate
* @return string Random Password
- * @since 1.5
+ * @since 1.5.26
*/
- function genRandomPassword($length = 8)
+ function genRandomPasswordPHP4($length = 8)
{
$salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$len = strlen($salt);
@@ -293,6 +295,59 @@
}

/**
+ * Generate a random password
+ * This method is secure.
+ *
+ * @static
+ * @param int $length Length of the password to generate
+ * @return string Random Password
+ * @since 1.5.26
+ */
+ function genRandomPasswordPHP5($length = 8)
+ {
+ $salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+ $base = strlen($salt);
+ $makepass = '';
+
+ /*
+ * Start with a cryptographic strength random string, then convert it to
+ * a string with the numeric base of the salt.
+ * Shift the base conversion on each character so the character
+ * distribution is even, and randomize the start shift so it's not
+ * predictable.
+ */
+ jimport('joomla.crypt.crypt');
+ $random = JCrypt::genRandomBytes($length + 1);
+ $shift = ord($random[0]);
+
+ for ($i = 1; $i <= $length; ++$i)
+ {
+ $makepass .= $salt[($shift + ord($random[$i])) % $base];
+ $shift += ord($random[$i]);
+ }
+
+ return $makepass;
+ }
+
+ /**
+ * Generate a random password
+ *
+ * @static
+ * @param int $length Length of the password to generate
+ * @return string Random Password
+ * @since 1.5
+ */
+ function genRandomPassword($length = 8)
+ {
+ if (version_compare(PHP_VERSION, '5.0.0', '<')) {
+ return $makepass = JUserHelper::genRandomPasswordPHP4($length);
+ }
+ else {
+ return $makepass = JUserHelper::genRandomPasswordPHP5($length);
+ }
+ }
+
+ /**
* Converts to allowed 64 characters for APRMD5 passwords.
*
* @access private

Modified: development/releases/1.5/libraries/joomla/version.php
===================================================================
--- development/releases/1.5/libraries/joomla/version.php 2012-03-26 07:56:20 UTC (rev 22951)
+++ development/releases/1.5/libraries/joomla/version.php 2012-03-27 00:40:16 UTC (rev 22952)
@@ -2,7 +2,7 @@
/**
* @version $Id$
* @package Joomla.Framework
- * @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
+ * @copyright Copyright (C) 2005 - 2012 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
@@ -26,13 +26,13 @@
/** @var string Development Status */
var $DEV_STATUS = 'Stable';
/** @var int Sub Release Level */
- var $DEV_LEVEL = '25';
+ var $DEV_LEVEL = '26';
/** @var int build Number */
var $BUILD = '';
/** @var string Codename */
- var $CODENAME = 'senu takaa ama mamni';
+ var $CODENAME = 'senu takaa ama busani';
/** @var string Date */
- var $RELDATE = '14-November-2011';
+ var $RELDATE = '27-March-2012';
/** @var string Time */
var $RELTIME = '18:00';
/** @var string Timezone */

_______________________________________________
Joomla-commits mailing list
Joomla-...@joomlacode.org
http://joomlacode.org/mailman/listinfo/joomla-commits